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(54) Broadcasting encrypted messages using session keys 



(57) A system and method for sending encrypted in- 
formation to multiple recipients is provided. Information 
such as a message or data to be sent to multiple recip- 
ients is encrypted using a selected session key, thereby 
generating a first encrypted message. The session key 
is then encrypted with each of a plurality of unique se- 
crets respectively associated with the multiple recipients 
to thereby generate a plurality of encrypted session 



keys. The encrypted message and the plurality of en- 
crypted session keys are combined in a second encrypt- 
ed message, which is transmitted to the multiple recip- 
ients. Each of the multiple recipients searches the en- 
crypted message for an encrypted session key which 
was encrypted with its associated unique secret, de- 
crypts the encrypted session key to retrieve the session 
key and decrypts an encrypted message using the re- 
trieved session key. 
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Description 

FIELD OF THE INVENTION 

[0001] The present invention relates generally to the 
field of data encryption. In particular, the invention re- 
lates to a system for broadcasting encrypted data to 
multiple recipients. 

BACKGROUND OF THE INVENTION 

[0002] Encryption involves encoding a message us- 
ing a small secret in such a way that an entity knowing 
the secret can recover the message, while an entity that 
does not know the secret cannot recover the message 
in a reasonable amount of time. There are well-known 
encryption schemes that enable a single sender to en- 
crypt a message for a single recipient provided the send- 
er and the recipient share a secret. These schemes, 
however, are not well adapted to situations where a sin- 
gle sender desires to send an encrypted message to 
multiple recipients. 

[0003] PGP and SMIME are the most common email 
techniques used for encrypting Internet email messag- 
es. The usual approach taken when the same message 
is sent to more than one recipient is to encrypt the mes- 
sage multiple times. First, the message is encrypted us- 
ing a secret shared between the sender and the first re- 
cipient and then the encrypted message is sent to the 
first recipient. Next, the sender encrypts the message a 
second time for a second recipient using asecretshared 
between the sender and the second recipient and sends 
the second encrypted message. This process is repeat- 
ed until the message has been encrypted for each in- 
tended recipient using the unique secret shared be- 
tween that intended recipient and the sender and the 
encrypted messages have been transmitted. In a com- 
munication environment where bandwidth (information 
channel capacity) is limited, such as in a wireless com- 
munications environment, sending multiple versions of 
the same message wastes resources, is very costly, 
highly inefficient and very slow. Additionally, data termi- 
nals, such as cellphones, PDAs and two-way pagers, 
communicating via wireless communications networks 
tend to have considerably less processing power than 
typical data terminals, such as desktops and worksta- 
tions, connected to the Internet; hence, multiple re-en- 
cryption associated with traditional encryption method- 
ologies pose significant processing power demand on 
wireless data terminals, which is undesirable. 
[0004] Therefore, there remains a need in this art for 
a more efficient method for sending the same encrypted 
message to multiple recipients. There remains a more 
particular need for a system that allows a sender to 
broadcast an encrypted message a single time for re- 
ceipt by multiple intended recipients whereby each in- 
tended recipients can decrypt the message and an un- 
intended recipient will be impeded in its effort to decrypt 



the message. 

SUMMARY OF THE INVENTION 

5 [0005] The present invention overcomes the prob- 
lems noted above and satisfies the need in this field for 
a system that allows a sender to broadcast an encrypted 
message a single time for receipt and decryption by mul- 
tiple intended recipients. 
w [0006] The present invention has many advanta- 
geous features. Not all of these features are simultane- 
ously required to practice the invention as claimed, and 
the following list is merely illustrative of the types of ben- 
efits that may be provided, alone or in combination, by 
15 the present invention. These advantages include: (1) 
bandwidth savings through the use of the system; (2) 
the system's adaptability to different mail address types; 
(3) providing a mechanism by which all intended recip- 
ients can decrypt the message while impeding the ef- 
20 forts of unintended recipients from decrypting the mes- 
sage; (4) providing a system in which information about 
an intended recipient's secret or decryption key is not 
leaked to another intended recipient or to any other in- 
dividual; and (5) the system's flexibility which allows its 
25 use with both public key (asymmetric), private key (sym- 
metric) encryption schemes or some hybrid combination 
thereof. 

[0007] In the invention, a system for sending encrypt- 
ed information to multiple recipients comprises means 
30 for selecting a session key, information encrypting 
means for encrypting information using the session key 
to thereby generate an encrypted message, key en- 
crypting means for generating a plurality of encrypted 
session keys by encrypting the session key using each 
35 of a plurality of unique keys associated with the multiple 
recipients, means for assembling the encrypted mes- 
sage and the plurality of encrypted session keys into a 
single transmission message, and a transmitter for 
transmitting the transmission message. 
40 [0008] In accordance with a further aspect of the 
present invention, a device for sending encrypted data 
to multiple recipients is provided. The device comprises 
a message recorder, an encryptor, and a transmitter. 
The message recorder is operative to store a message 
45 to be sent to a first recipient and to a second recipient. 
The encryptor is operative to select a session key, en- 
crypt the message using the session key thereby gen- 
erating a first encrypted message, encrypt the session 
key with a first secret thereby generating a first encrypt- 
50 ed session key, encrypt the session key with a second 
secret thereby generating a second encrypted session 
key, and generate a second encrypted message com- 
prising the first encrypted session key, the second en- 
crypted session key and the first encrypted message. 
55 The transmitter is operative to transmit the second en- 
crypted message. 

[0009] A method according to an aspect of the inven- 
tion encrypts a message to be sent by a sender to mul- 
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tiple recipients and comprises the steps of acquiring a 
session key, encrypting the message using said session 
key to generate a first encrypted message, encrypting 
said session key using a first secret thereby generating 
a first encrypted session key, encrypting said session 
key using a second secret thereby generating a second 
encrypted session key, and broadcasting an outgoing 
message comprising said first encrypted message, said 
first encrypted session key, and said second encrypted 
session key. 

[0010] The invention also provides a device for de- 
crypting a message broadcasted to a plurality of receiv- 
ers, the device comprising means for receiving the 
broadcasted message, means for searching a plurality 
of encrypted session keys in the broadcasted message 
to locate a particular encrypted session key, key de- 
crypting means for decrypting the particular encrypted 
session key, and information decrypting means for de- 
crypting a portion of the received message using the 
session key. A related method for decrypting a message 
by a recipient comprises the steps of acquiring an en- 
crypted message, searching said encrypted message 
for a first encrypted session key, decrypting said first en- 
crypted session key to retrieve a session key, and de- 
crypting a message block in said encrypted message 
using said retrieved session key. 
[0011] According to a further preferred embodiment 
of the invention, a method for encrypting a message to 
be sent by a sender to multiple recipients comprises the 
steps of acquiring a session key, encrypting the mes- 
sage using the session key to generate a first encrypted 
message, encrypting the session key using a first secret 
thereby generating a first encrypted session key, en- 
crypting the session key using a second secret thereby 
generating a second encrypted session key, encrypting 
the session key using a third, fourth, n-th secret 
thereby generating a third, fourth, n-th encrypted 
session key, respectively; and broadcasting an outgoing 
message comprising the first encrypted message, the 
first encrypted session key, and, the second, third, 
fourth,..., n-th encrypted session keys. 
[0012] The devices and methods in accordance with 
the invention may be implemented as hardware, com- 
puter software or a combination of both hardware and 
software. 

[0013] The keys or secrets used to encrypt the ses- 
sion key may be secret information shared between the 
sender or transmitter and each intended receiver. En- 
cryption of the session key in such embodiments in- 
volves applying a cipher algorithm, such as a data en- 
cryption standard (DES) algorithm, to the session key. 
The session key encrypting keys may instead be public 
keys generated by each of the multiple recipients and 
stored in a central key repository accessible to the send- 
er. Each of the intended multiple recipients stores a pri- 
vate key corresponding to its unique public key and is 
adapted to decrypt one of the plurality of encrypted ses- 
sion keys to thereby recover the session key. 



[0014] The second encrypted message may further 
comprise a plurality of globally unique identifications, 
each of the identifications associating a particular en- 
crypted session key to an intended recipient. An intend- 

5 ed recipient then locates its corresponding particular en- 
crypted session key by searching the identifications. 
[0015] The transmitters and receivers in which imple- 
mentation of the invention is contemplated include, but 
are in no way limited to, wireless communication devic- 

10 es, the two-way communication devices, pagers, hand- 
held wireless Internet appliances, rf transmitters and re- 
ceivers, wired and wireless modems, cellular tele- 
phones, communication-enabled personal digital as- 
sistants (PDAs) and broadcasting and subscriber ar- 

15 rangements in subscription broadcast systems such as 
pay television systems. 

BRIEF DESCRIPTION OF THE DRAWINGS 

20 [0016] The present invention will become apparent 
from the following description when read in conjunction 
with the accompanying drawings wherein: 

FIG. 1 illustrates in block diagram form a system in 
25 which the principles of the present invention may be 
practiced; 

FIG. 2 illustrates in flow diagram form a preferred 
algorithm for implementing an encryption method 
according to present invention; 

30 FIG. 3 illustrates in flow diagram form a preferred 
algorithm for implementing a decryption method ac- 
cording to present invention; 
FIG. 4 illustrates an exemplary generalized encrypt- 
ed message block generated in accordance with the 

35 present invention; 

FIG. 5 illustrates a more specific exemplary en- 
crypted message block generated in accordance 
with the present invention; 

FIG. 6 illustrates another example of the application 
40 of the present invention in a pay-per-use data com- 
munication broadcast; and, 

FIG. 7 illustrates in flow diagram form a preferred 
algorithm for the method of FIG. 2 as applicable for 
an n-plurality of recipients. 

45 

DETAILED DESCRIPTION OF THE PREFERRED 
EMBODIMENT 

[0017] Referring now to the drawings, Figure 1 sets 
50 forth generally a system 2 in which the present invention 
is useful. The inventive method allows a sender S to 
transmit a single encrypted message to multiple intend- 
ed recipients through normal communication channels 
and provides each intended recipient with the ability to 
55 decrypt the encrypted message using a unique secret 
that that intended recipient shares with the sender S. A 
typical system for which the present invention is useful 
is a low bandwidth system such as one that utilizes an 
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RF link in the communication path. Email or data com- 
munication systems having message packaging and re- 
direction management being operative may also utilize 
the present invention. An example of such a system is 
set forth in co-pending United States Patent Application 
No. 09/087,623 titled "System and Method for Pushing 
Information From a Host System to a Mobile Data Com- 
munication Device". The system and method for push- 
ing information from a host system to a mobile device 
described therein is a preferred system and method for 
the present invention herein; however, it is to be under- 
stood other types of systems and methods could be im- 
plemented that utilizes the present invention. 
[001 8] I n accordance with a preferred embodiment of 
the present invention, a sender S transmits an encrypt- 
ed message once using a transmission device 4, such 
as a cellphone, PDA or two-way pager, to a base station 
6 that is part of a communication network 8. The mes- 
sage is forwarded through the communication network 
8 to a gateway device 1 0. The gateway device 1 0 trans- 
fers the message from the network 8 to a wide area net- 
work 12 such as the Internet. Intended recipients A and 
B through their respective Internet connection method 
receive the message transmitted by the sender S. 
The intended recipients A and B then, using the decryp- 
tion method of the present invention, decrypt the mes- 
sage. An unintended recipient C, who may intercept the 
message, however is impeded from deciphering the 
message because the unintended recipient C lacks a 
secret to decrypt the message. An important advantage 
of the inventive method is that by only sending the mes- 
sage once bandwidth is saved. It is be understood that 
although the description herein generally refers to the 
present invention in application with messages, specif- 
ically email messages, the present invention in no way 
is limited to the application of such messages, but may 
include any form of data communication or datagram 
that requires secure transmission to the intended recip- 
ients. 

[0019] The preferred transmission device 4 compris- 
es a message recorder, an encryptor, and a transmitter. 
The device circuit is preferably configured to operate as 
a wireless transceiver, such as a two paging computer, 
a portable electronic messaging device or a hand-held 
email client. An example of such a device is set forth in 
co-pending United States Patent Application No. 
09/106,585 titled "Hand-Held Electronic Device With A 
Keyboard Optimized for Use With the Thumbs". Al- 
though this is a preferred circuit for such a device, other 
types of circuits could be utilized in the present inven- 
tion. 

[0020] The message recorder is operative to store the 
message that is to be sent to a plurality of intended mes- 
sage recipients. The message recorder could comprise 
a memory element such as RAM, a tape storage ele- 
ment, adisk storage medium, CD ROM storage medium 
or other mediums capable of use for storing a message 
entered by a sender. The message could be in a number 



of forms such as text, voice or others. 
[0021 ] The encryptor is operative to encrypt the mes- 
sage thereby generating a first encrypted message. The 
encryptor could be composed of a number of different 
5 devices such as a microprocessor or other digital circuit, 
or could reside in programming that performs the en- 
cryption steps. In a preferred embodiment of the present 
invention, the encryptor is software residing in the de- 
vice 4. The encryptor performs the encryption function 
10 by (1) selecting a session key, (2) encrypting the mes- 
sage using the session key thereby generating the first 
encrypted message and (3) encrypting the session key 
multiple times. This latter step (3) involves the encryptor 
encrypting the session key once using each secret that 
the sender shares with the intended recipients thereby 
generating multiple encrypted session keys. The en- 
cryptor also at step (4) performs another encryption step 
thereby generating a second encrypted message which 
comprises all encrypted session keys and the first en- 
crypted message. A more detailed description of the en- 
cryption algorithm is discussed below. 
[0022] The transmitter is operative to transmit the sec- 
ond encrypted message. The transmitter could com- 
prise a number of different devices such as an rf trans- 
mitter, a modem, an optical transmitter, and others that 
are capable of forwarding the encrypted message to a 
network so that it can be routed to the intended recipi- 
ents. 

[0023] An exemplary transmission device 4 is a two- 
way communications device such as a cell phone, two- 
way pager or PDA but other devices such a pay-per- 
view television broadcast station or satellite could be 
used as shown in Figure 6. In the pay-per-view televi- 
sion broadcast embodiment, a television show 60 to be 
broadcasted is encrypted once with a single randomly 
generated session key. Sometime before the encrypted 
show is to be broadcast, the session key is encrypted 
once for each paying customer and these (suitably la- 
beled) encrypted session keys 62, 64 broadcast. Paying 
customers would be able to acquire the session key by 
monitoring the list of encrypted versions of the session 
key, identifying the version encrypted using their master 
key, then decrypting the value. Hence, the show could 
then be broadcast once in encrypted form. Although 
shown in Fig. 6 and described in conjunction with a pay- 
per-view television system, the invention may also be 
implemented in other subscriber type broadcast sys- 
tems. 

[0024] An exemplary algorithm for sending an en- 
crypted message according to one aspect of the inven- 
tion is illustrated in flow chart form in Figure 2. In the 
preferred system, the sender S and a first intended re- 
cipient A share a secret K, and the sender S and a sec- 
ond intended recipient B share a secret L. In this pre- 
ferred system, the first intended recipient A does not 
know the secret L and the second intended recipient B 
does not know the secret K. Finally, in this preferred sys- 
tem an unintended recipient C does not know the secret 
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K or the secret L. 

[0025] First, the sender S generates a random 
number to use as a session key R at step 20. At this 
point the randomly chosen session key R is only known 
to the sender S. The sender S, then, encrypts a mes- 
sage M once using the randomly chosen session key R 
to generate an encoded message M1 at step 22. Next, 
the sender S encrypts the session key R repeatedly us- 
ing each intended recipient's secret. The sender S, first, 
encrypts the session key R using the secret K to gener- 
ate a first encoded session key R1 at step 24 and then 
encrypts the session key R using the secret L to gener- 
ate a second encoded session key R2 at step 26. It will 
be apparent to those skilled in the art that the cipher 
algorithm used to encrypt the session key is preferably 
a cipher believed to be secure against plaintext attacks. 
DES (data encryption standard), triple-DES are two 
such known ciphers, although any cipher algorithms 
which guard against plaintext attacks may be used to 
encrypt the session key in accordance with the inven- 
tion. 

[0026] Finally, the sender S transmits an encoded 
message M2 which comprises a single copy of the en- 
coded message M1 , a copy of the first encoded session 
key R1 , and a copy of the second encoded session key 
R2 at step 28. Optionally, a sender S could also include 
in the encoded message M2 a copy of an ID for each 
intended recipient to assist each intended recipient in 
identifying the encoded session key generated for the 
specific intended recipient. This system has been de- 
scribed in terms of a single sender S and two intended 
recipients A and B. However, one skilled in the art could 
modify the system for use with any number of recipients 
as illustrated in Fig. 7. 

[0027] An exemplary algorithm for decrypting the 
message M1 according to another aspect of the inven- 
tion is illustrated in flow chart form in Figure 3. To decrypt 
the message M1, the intended recipients A and B use 
their secrets, K and L, respectively, to decrypt the en- 
crypted session keys R1 and R2, respectively, to de- 
crypt and recover the session key R. The intended re- 
cipients A and B then use the randomly chosen session 
key R to decrypt and recover the message M. Specifi- 
cally, recipient A identifies the encrypted session key R1 
at step 30. Recipient A then uses the shared secret K 
to decrypt and recover the randomly chosen session key 
R from the first encoded session key R1 at step 32. Re- 
cipient A then uses the randomly chosen session key R 
to decrypt the message M1 to generate the original mes- 
sage M at step 34. Recipient B decrypts the message 
M1 in a similar manner. First, recipient B identifies the 
encrypted session key R2 at step 30. Recipient B then 
uses the shared secret L to recover the randomly cho- 
sen session key R from the second encoded session 
key R2 at step 32. Recipient B then uses the randomly 
chosen session key R to decrypt the message M1 to 
generate the original message M at step 34. 
[0028] An unintended recipient C who does not know 



either K or L cannot use either the first encoded session 
key R1 or the second encoded session key R2 to recov- 
er the randomly chosen session key R. Without the 
knowledge of the randomly chosen session key R, the 
5 unintended recipient C will be impeded in its effort to 
decrypt the message M1 to recover the message M. Al- 
though both A and B decrypt the session key and also 
have access to an encrypted key destined for the other 
intended recipient, the cipher used to encrypt the ses- 
sion key R is preferably a cipher which is believed to be 
secure against a plaintext attack, as described above, 
and thereby prevents A or B from determining the secret 
of the other recipient. In systems with greater than two 
intended recipients, all recipients are similarly unable to 
determine the secret shared between other stations and 
the sender. 

[0029] The algorithm for decrypting the message M1 
optionally could include the following technique to assist 
recipient A in identifying the encrypted session key R1 
and recipient B in identifying the encrypted session key 
R2. This technique is made clear in the discussion below 
describing the format of the transmitted message. 
[0030] Figure 4 illustrates in block diagram form an 
exemplary, generalized encrypted message block that 
could be generated using the present invention. The ex- 
emplary message block comprises a header section 40 
and a data section 42. The exemplary header section 
comprises a secret identifier block 44 for each intended 
recipient and a terminator block 46. Each secret identi- 
fier block 44 includes an identifier field 48 for the recip- 
ient and an encoded session key field 50 for the recipi- 
ent. The identifier field 48 contains a globally unique 
identifier for the intended recipient to which that secret 
identifier block 44 is addressed. The encoded session 
key field 50 includes the encoded session key that has 
been encrypted using the secret of the intended recipi- 
ent to which that block is addressed. 
[0031 ] The inclusion of a secret identifier block 44 with 
each encrypted secret allows each intended recipient to 
immediately identify which encrypted header block 
should be decrypted to retrieve the value R used to en- 
crypt the message. An example of a data block that has 
been generated according to one aspect of the present 
invention is shown in Figure 5. 

[0032] While the present invention has been de- 
scribed with reference to a symmetric key scheme, one 
skilled in the art would recognize that the present inven- 
tion could be applied in both a symmetric key scheme 
and in a public key scheme. In asymmetric key scheme, 
for each pair comprising the sender and a recipient, 
there is a common master key known to both parties. In 
a symmetric key implementation, the shared secret re- 
ferred to in the present invention is the master key 
known to both the sender and a single intended recipi- 
ent. The session key can thus be passed from the send- 
er to the recipient by encrypting the session key with the 
shared master key (for that recipient) and attaching the 
encrypted session key to the encrypted message. A 
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suitable identifier is required so that the recipient can 
identify which version of the session key should be de- 
crypted with its master key. 

[0033] The present invention also works when used 
with a public key scheme. In a public key scheme, each 
party (sender and recipients) generates a public key/pri- 
vate key pair. The public key is published (made avail- 
able globally) by placing it into a database (commonly 
known as a certificate authority). The corresponding pri- 
vate key is kept secret by the party that generated the 
pair. The fundamental idea behind a public key scheme 
is that (a) there is no way to derive the private key simply 
from knowledge of the public key, and (b) data encrypted 
by one key of the pair can only be decrypted using the 
other key of the pair. In order to exchange a session key, 
the sender encrypts the session key with the public key 
of the intended recipient. The intended recipient is the 
only party with access to the corresponding private key 
that can be used to decrypt, and thus recover, the ses- 
sion key. The "shared secret" referred to in the present 
invention is thus the combination of the senders knowl- 
edge of the recipient's public key and the recipient's 
knowledge of the corresponding private key. This inven- 
tion only requires the ability to pass a session key from 
the sender to the intended recipients. 
[0034] The bandwidth saving the can be achieved 
through the use of the present invention can be illustrat- 
ed using the following example. For illustrative purpos- 
es, it can be assumed that a piece of encrypted data has 
the same size as the original (unencrypted) data. There- 
fore, a transmitted encrypted message M2 is approxi- 
mately equal to twice the size of the randomly chosen 
session key R plus the size of the encrypted message 
M1. Using example sizes of randomly chosen session 
key R being 20 bytes and the encrypted message M1 
being 2048 bytes, this yields a transmitted encrypted 
message M2 of 2 x 20 + 2048 = 2088 bytes. On the other 
hand, if the encrypted message M1 were sent twice, 
once to recipient A and once to recipient B as is done 
in the prior art methods, the size of the encrypted mes- 
sages sent would be 2 x 2048 = 4096 bytes. 
[0035] The present invention has the following addi- 
tional advantages. The present invention provides a 
system whereby an unintended recipient C is impeded 
from recovering the message M and prevented from 
learning anything about secrets K or L. Intended recip- 
ients are also prevented from learning anything about 
secrets shared between the sender and other recipi- 
ents. The present invention also provides a system with 
the capability to send an encrypted message to recipi- 
ents having different address types. 
[0036] Having described in detail the preferred and al- 
ternate embodiments of the present invention, including 
the preferred modes of operation, it is to be understood 
that the invention is capable of other and different em- 
bodiments, its several details are capable of modifica- 
tions in various respects, and its operation could be car- 
ried out with different elements and steps, all without de- 



parting from the spirit of the invention. The drawings and 
description of the preferred and alternate embodiments 
are presently only by way of example and are be regard- 
ed as illustrative in nature and are not meant to limit the 
5 scope of the present invention which is defined by the 
following claims. 



Claims 

10 

1 . A system for sending encrypted information to mul- 
tiple recipients comprising: 

means for selecting a session key; 

15 information encrypting means for encrypting in- 

formation using the session key to thereby gen- 
erate an encrypted message; 
key encrypting means for generating a plurality 
of encrypted session keys by encrypting the 

20 session key using each of a plurality of unique 

keys associated with the multiple recipients; 
means for assembling the encrypted message 
and the plurality of encrypted session keys into 
a single transmission message; and 

25 a transmitter for transmitting the transmission 

message. 

2. The system according to claim 1, wherein each of 
the plurality of unique keys is apublic key generated 

30 by one of the multiple recipients. 

3. The system according to claim 2, wherein the plu- 
rality of unique keys is stored in a central key repos- 
itory accessible to the means for generating a plu- 

35 rality of encrypted session keys. 

4. The system according to claim 2, wherein: 

each of the multiple recipients stores a private 
key corresponding to its unique public key and is 
40 adapted to decrypt one of the plurality of encrypted 
session keys to thereby recover the session key. 

5. The system according to claim 1, wherein each of 
the plurality of unique keys is a secret shared be- 

45 tween the system for sending encrypted information 
and one of the multiple recipients. 

6. The system according to claim 5, wherein the key 
encrypting means encrypts the session key by ap- 

50 plying a cipher algorithm. 

7. The system according to claim 6, wherein the cipher 
algorithm is a data encryption standard (DES) algo- 
rithm. 

55 

8. The system according to claim 3, wherein the trans- 
mitter is a wireless transmitter. 
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9. A device for sending encrypted data to multiple re- 
cipients comprising: 

a message recorder that is operative to store a 
message to be sent to a plurality of recipients; 5 
an encryptor that is operative to: 

select a random session key, 

encrypt the message using the random session 

key thereby generating a first encrypted mes- 10 

sage, 

produce a plurality of encrypted session keys 
each of which comprises the random session 
key encrypted with a secret unique to a respec- 
tive recipient, and 15 
generate a second encrypted message com- 
prising the plurality of encrypted session keys 
and the first encrypted message; and 
a transmitter that is operative to transmit the 
second encrypted message. 20 



session key. 

17. The method according to claim 1 6 wherein each of 
the steps of encrypting the session key comprises 
the step of applying a cipher algorithm to the ses- 
sion key. 

18. The method according to claim 1 6 wherein said step 
of acquiring a session key comprises the step of se- 
lecting a random number to use as said session key. 

19. The method according to claim 1 6 wherein said first 
secret is a secret shared between the sender and 
a first intended recipient of said outgoing message 
and said second secret is a secret shared between 
the sender and a second intended recipient of said 
outgoing message. 

20. The method according to claim 1 6 wherein said out- 
going message further comprises: 



10. The device according to claim 9 wherein the second 
encrypted message further comprises: 

a plurality of globally unique identifications, 
each of the identifications to associate the encrypt- 
ed session key to the intended recipient. 

1 1 . The device according to claim 9 wherein the device 
is a two-way communications device. 

12. The device according to claim 9 wherein the device 
is a pager. 

13. The device according to claim 9 wherein the device 
is a handheld wireless Internet appliance. 

14. The device according to claim 9 wherein said trans- 
mitter is an rf transmitter. 

15. The device according to claim 9 wherein said trans- 
mitter is a modem. 

16. A method for encrypting a message to be sent by a 
sender to multiple recipients comprising the steps 
of: 

acquiring a session key; 

encrypting the message using said session key 

to generate a first encrypted message; 

encrypting said session key using a first secret 

thereby generating a first encrypted session 

key; 

encrypting said session key using a second se- 
cret thereby generating a second encrypted 
session key; and 

broadcasting an outgoing message comprising 
said first encrypted message, said first encrypt- 
ed session key, and said second encrypted 



a first globally unique identification for a first in- 
tended recipient; and 

a second globally unique identification for a 
25 second intended recipient. 

21 . A method for encrypting a message to be sent by a 
sender to multiple recipients comprising the steps 
of: 

30 

acquiring afirst globally unique identification for 
a first intended recipient; 
acquiring a first secret wherein said first secret 
is a secret shared between the sender and the 

35 first intended recipient; 

acquiring a second globally unique identifica- 
tion for a second intended recipient; 
acquiring a second secret wherein said second 
secret is a secret shared between the sender 

40 and the second intended recipient; 

acquiring a random session key; 
encrypting the message using said session key 
to generate a first encrypted message; 
encrypting said session key using a first secret 

45 thereby generating a first encrypted session 

key; 

encrypting said session key using a second se- 
cret thereby generating a second encrypted 
session key; and 
50 broadcasting an outgoing message compris- 

ing: said first globally unique identification, said 
first encrypted session key, said second global- 
ly unique identification, said second encrypted 
session key, and said first encrypted message. 

55 

22. A device for decrypting a message broadcasted to 
a plurality of receivers, the device comprising: 
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means for receiving the broadcasted message; 
means for searching a plurality of encrypted 
session keys in the broadcasted message to lo- 
cate a particular encrypted session key; 
key decrypting means for decrypting the partic- 
ular encrypted session key; and 
information decrypting means for decrypting a 
portion of the received message using the ses- 
sion key. 

23. The device according to claim 22, wherein the de- 
vice is a wireless communication device. 

24. The device according to claim 22, wherein the de- 
vice is a modem. 

25. The device according to claim 24, wherein the de- 
vice is a wireless modem. 



decrypting said first encrypted session key to 
retrieve a session key using a secret shared 
with the sender of the broadcasted message; 
and 

5 decrypting a message block in the broadcasted 

message using said retrieved session key. 

32. A method for exchanging encrypted messages be- 
tween a sender and a first intended recipient and 

10 the sender and a second intended recipient com- 
prising the steps of: 

acquiring a random session key; 
encrypting a message using said session key 
to generate a first encrypted message; 
encrypting said session key using a first secret 
shared between the sender and the first intend- 
ed recipient thereby generating a first encrypt- 
ed session key; 

encrypting said session key using a second se- 
cret shared between the sender and the second 
intended recipient thereby generating a second 
encrypted session key; 

broadcasting an outgoing message compris- 
ing: a first globally unique identification for the 
first intended recipient, said first encrypted ses- 
sion key, a second globally unique identification 
for the second intended recipient, said second 
encrypted session key, and said first encrypted 
message; 

acquiring said broadcasted outgoing message 
by the first intended recipient; 
locating in the message said first globally 
unique identification; 

locating said first encrypted session key that 
corresponds to said first globally unique identi- 
fication; 

decrypting said first encrypted session key to 
retrieve said session key using said first secret; 
and 

decrypting a message block in said broadcast- 
ed message using said retrieved session key. 

33. The method of claim 32 furthercomprising the steps 
of: 

acquiring said broadcasted outgoing message 
by the second intended recipient; 
locating in the message said second globally 
unique identification; 

locating said second encrypted session key 
that corresponds to said second globally 
unique identification; 

decrypting said second encrypted session key 
to retrieve said session key using said second 
secret; and 

decrypting a message block in said broadcast- 
ed message using said retrieved session key. 



26. The device according to claim 22, wherein the de- 20 
vice is a cellular telephone. 

27. The device according to claim 22, implemented in 
a subscriber receiver in a pay television system. 

25 

28. A method for decrypting a message by a recipient 
comprising the steps of: 

acquiring an encrypted message; 
searching said encrypted message for a first 30 
encrypted session key; 

decrypting said first encrypted session key to 
retrieve a session key; and 
decrypting a message block in said encrypted 
message using said retrieved session key. 35 

29. The method of claim 28 wherein said step of de- 
crypting said first encrypted session key comprises 
the step of using a secret shared with the sender of 
the message to decrypt said first encrypted session 40 
key. 

30. The method of claim 28 wherein said step of search- 
ing said encrypted message comprises the steps 
of: locating a globally unique identification that cor- 45 
responds to the recipient and locating a first en- 
crypted session key that corresponds to said glo- 
bally unique identification. 

31. A method for a single recipient to decrypt a mes- 50 
sage broadcasted to multiple recipients comprising 
the steps of: 

acquiring the broadcasted message; 
locating in the message a globally unique iden- 55 
tification that corresponds to the recipient; 
locating a first encrypted session key that cor- 
responds to said globally unique identification; 
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34. A device for sending encrypted data to multiple re- 
cipients comprising: 

a message recorder that is operative to store a 
message to be sent to at least a first recipient 5 
and a second recipient; 
an encryptor that is operative to select a ran- 
dom session key, encrypt the message using 
the random session key thereby generating a 
first encrypted message, encrypt the session 10 
key with a first secret thereby generating a first 
encrypted session key, encrypt the session key 
with a second secret thereby generating a sec- 
ond encrypted session key, and generate a 
second encrypted message comprising the first 15 
encrypted session key, the second encrypted 
session key and the first encrypted message; 
and 

a transmitter that is operative to transmit the 
second encrypted message. 20 



35. A method for encrypting a message to be sent by a 
sender to n recipients comprising the steps of: 

(1) acquiring a session key; 

(2) encrypting the message using the session 
key to generate a first encrypted message; 

(3) encrypting the session key using a secret 
associated with a recipient thereby generating 
an encrypted session key; 

(4) repeating step (3) n-1 times thereby gener- 
ating a plurality of unique encrypted session 
keys; and 

(5) broadcasting an outgoing message com- 
prising the plurality of encrypted session keys 
and the encrypted message. 

36. The method according to claim 34 wherein the step 
of acquiring a session key comprises the step of se- 
lecting a random number to use as the session key. 

37. The method according to claim 35 wherein the se- 
cret is a secret shared between the sender and the 
recipient who is the intended decryptor of the en- 
crypted session key. 

38. The method according to claim 36 wherein the out- 
going message further comprises a plurality of glo- 
bally unique identifications wherein each unique en- 
crypted session key has a globally unique identifi- 
cation associated therewith. 

39. A computer-readable medium storing statements or 
instructions which, when executed by a processor 
operatively associated with an information source, 
perform the functions of: 

selecting a session key; 



encrypting information using the session key to 
thereby generate encrypted information; 
for each of a plurality of intended receivers to 
which the information is to be sent, encrypting 
the session key using a unique secret associ- 
ated with each intended receiver, to thereby 
generate a plurality of encrypted session keys; 
and 

combining the encrypted information and the 
plurality of encrypted session keys into a single 
message for transmission to the plurality of in- 
tended receivers. 

40. The computer-readable medium according to claim 
39, wherein: 

the information source is operatively associat- 
ed with a communication signal transmitter 
coupled to a communication network; and 
the medium stores further statements or in- 
structions which when executed perform the 
function of broadcasting the message on the 
communication network via the transmitter. 

25 41. A computer-readable medium storing statements or 
instructions which, when executed in a processor 
operatively associated with a communication signal 
receiver, performs the functions of: 

30 searching a plurality of encrypted session keys 

in a received message for a particular encrypt- 
ed session key; 

upon detecting the particular encrypted session 
key, decrypting the particular encrypted ses- 
35 sion key; and 

decrypting a portion of the received message 
using the session key. 

42. A computer program product comprising: 
40 a first computer-readable medium operatively 

associated with a transmitter and storing state- 
ments or instructions which, when executed, per- 
form the functions of: 

45 encrypting information using a session key to 

thereby generate encrypted information; 
encrypting the session key using a unique se- 
cret associated with an intended receiver to 
which the encrypted information is to be trans- 
50 mitted; 

repeating the function of encrypting the session 
key for each of a plurality of intended receivers 
to which the information is to be transmitted, us- 
ing a respective unique secret associated with 
55 each intended receiver, to thereby generate a 

plurality of encrypted session keys; and 
combining the encrypted information and the 
plurality of encrypted session keys into a single 
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message for transmission to the plurality of in- 
tended receivers, and 

a second computer-readable medium opera- 
tively associated with a receiver and storing 
statements or instructions which, when execut- 
ed, perform the functions of: 

searching a plurality of encrypted session keys 
in a received message for a particular encrypt- 
ed session key; 

upon detecting the particular encrypted session 
key, decrypting the particular encrypted ses- 
sion key; and 

decrypting an encrypted information portion of 
the received message using the session key. 
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